Aaa server system for efficient control and address assignment

ABSTRACT

The invention relates to an AAA (Authentication, Authorization, Accounting) server system (RADSS) for managing a pool (A) of logical addresses (IP 1 , . . . , IPN) and a method for updating status information within the AAA server system (RADSS). Said AAA server system (RADSS) comprises several AAA servers (RAD 1 , RAD 2 , RAD 3 ). Each of the AAA servers (RAD 1 , RAD 2 , RAD 3 ) are assigned one or more discrete partial amounts (A 1 , A 2 , A 3 ) of the address pool (A). Status information exchanged relating to address allocation affect the discrete partial amounts (A 1 , A 2 , A 3 ) of addresses. The invention has the advantage of a low-complexity and efficient message exchange between the AAA servers (RAD 1 , RAD 2 , RAD 3 ). An efficient allocation of resources to logical addresses is guaranteed as a result of changes to the assignment of partial amounts (A 1 , A 2 , A 3 ) of logical addresses (IP 1 , . . . , IPN) in AAA servers (RAD 1 , RAD 2 , RAD 3 ), according to need.

The invention relates to an AAA (Authentification, Authorization,Accounting) server system and a method for the administration of a poolof logical addresses.

The logical addressing of subscribers or hosts and the administration ofthe available address space for networks and in the Internet is animportant functional area of network technology. The hardware requiredfor the administration of logical addresses and to provide theappropriate functionality for issuing addresses often takes the form ofAAA (Authentification, Authorization, Accounting) servers, or AAA serversystems. For address administration by multi-server systems, informationabout the issuing of addresses, and about the resources which areavailable, together with items of status information, must be exchangedbetween the individual servers in a reliable manner and at a high datatransmission rate.

When subscribers dial into the Internet, e.g. using either conventionalnarrowband telephone lines or xDSL technology (DSL: Digital SubscriberLine), access to the Internet is normally controlled by AAA serversusing the RADIUS (Remote Authentification Dial-In User Service)protocol, which are therefore called RADIUS servers. This is where theinterface is effected from the telephone network to the Internet or anIP network, as applicable, at an access server which for the Internet isdesignated the Network Access Server (NAS). Before a connection can beestablished for a subscriber, messages are exchanged between the NAS andthe RADIUS server, using the RADIUS protocol, to initiate checks in theRADIUS server on the identity and access rights of the subscriber. Ifthe reply from the RADIUS server is positive, i.e. the subscriber isauthorized, the NAS establishes a connection between the IP network andthe subscriber or his Internet terminal device, as applicable. In doingthis, the Internet terminal device must have a unique routable IPaddress. As the supply of available IP addresses is restricted, mostInternet service providers—referred to below as ISPs—issue IP addressesto their customers, i.e. subscribers, only for the duration of theInternet connection. During different Internet sessions the subscriberor his Internet terminal device, as applicable, is thus assigneddifferent Internet addresses. Usually there is an IP addressrange—referred to below as an address pool—available to the InternetService Provider, from which addresses can be taken for temporaryassignment to subscribers. One Internet Service Provider can also haveseveral address pools available, for example in order to be able to formseveral service groups for different services.

Dynamic assignment of IP addresses is usually effected either in theaccess server or NAS, or alternatively in the AAA server or RADIUSserver. Assigning IP addresses in the access servers or NAS has thedisadvantage of a considerable administration and maintenance effort forInternet Service Providers who operate a large number of access servers.Address pools must be set up in each individual access server. For majorInternet Service Providers, the number of access servers to be suppliedis considerable, and consequently there is substantial expense insetting up and changing address pools. In addition, there is no centralcontrol of the current Internet connections, and the IP addresses theyare using. For example, for the operators of access networks who rentaccess on to smaller Internet Service Providers, central administrationand issuing of the available address pool is of major importance.

In the case of major Internet Service Providers it is therefore usualfor the resource administration, and hence also the administration ofthe IP addresses, to be carried out centrally by one or morehigh-performance and high-availability AAA servers. In this connection,the term “high performance” means the ability to process a large numberof access checks per second.

A common implementation of a high performance central controller is bymeans of a multi-server system. In general, this consists of a number ofindividual computers or servers, as appropriate, which are linked toeach other by means of the IP network. This is a low-cost solution,because it requires no expensive fail-safe hardware or cluster software.In addition, it is easy to scale the system up by the incorporation offurther computers. On grounds of redundancy, to give fail-safety, theindividual computers should be in a position to undertake the tasks ofother computers in the multi-server system. The distribution of the loadto the various computers in the multi-server system is effected, forexample, by the RADIUS clients on the access servers.

For the purpose of administration of the IP addresses by a multi-serversystem, information about the issue of addresses, the demand foraddresses, and status information about ongoing and completed Internetsessions, must be collected and made available to the individualcomputers. Because of the redundancy requirements, the data which isavailable to an individual computer should also be accessible to atleast one other individual computer. In addition, it is necessary toensure that addresses are not issued more than once, by differentindividual computers.

These requirements for the administration of IP addresses by amulti-server system can be satisfied, for example, by IP addresses beingsupplied to the individual computers in the multi-server by a centralserver, e.g. a DHCP (Dynamic Host Configuration Protocol), or by aserver which works using vendor-specific protocols. This solution hasthe following disadvantages:

-   -   Protection of the central computer against failures, e.g. by        duplication, is generally associated with considerable expense.    -   For reliable communication between the central server and the        other computers in the multi-server system, the messages which        are exchanged should be acknowledged. This causes the volume of        data which must be processed to increase sharply with the number        of computers. This has a detrimental effect on the scalability,        that is the integration of further computers into the        multi-server system.    -   An increase in the number of connection requests leads to an        increase in the data traffic between the central server and the        individual computers. As a result, load peaks (bursts) can        occur, and these can cause delays in the processing.    -   The central server often results in additional maintenance        costs.

For the purpose of raising the fail-safety, there is the possibility ofusing an enhanced RADIUS protocol to save status information directly onthe access servers or NAS, as applicable. This solution is documented inRFC (Request for Comments) 2882, but will only function for accessservers which support the appropriate protocol enhancement.

Alternatively, the entire set of data about address pools can be savedon each of the computers in the multi-server system, and messagesexchanged between the individual computers to coordinate the addressreservations. This approach results in a substantial volume of messagesto be exchanged if duplicate issuing of addresses is to be avoided.

The object of the invention is to specify efficient administration ofone or more address ranges in an AAA server system, which avoids thedisadvantages of the conventional methods.

This object is achieved by an AAA server system in accordance with claim1 and a method in accordance with claim 10.

The AAA server system in accordance with the invention incorporatesnumerous AAA servers for the administration of at least one pool oflogical addresses. Here, each of several disjoint subsets or subpools,as applicable, of at least one address pool is assigned to exactly oneAAA server. Only the AAA server to which they belong can assign thelogical addresses in each of the subsets of the address pool to aterminal device or subscriber, and they are administered by that AAAserver (claim 1). It is also possible for a number of subsets of anaddress pool to be assigned to one AAA server. The address pools can be,for example, IP address ranges (claim 2). The assignment of addresses toterminal devices by the AAA servers in the AAA server system can bemade, for example, with the help of the RADIUS (Remote AuthenticationDial-In User Service) protocol (claim 3). These protocols are often usedfor communication between an AAA server system and an access server orNAS, with the help of which terminal devices can be connected to thenetwork (e.g. Internet). The AAA servers of the AAA server system can,for example, communicate with each other using the Internet protocol orTCP/IP (Transmission Control Protocol/Internet Protocol) (claims 4 and8). For the purpose of changing the assignment of subsets of logicaladdresses, or subpools of logical addresses, to AAA servers, it islogical if all the AAA servers of the server system have available theentire pool or entire pools of logical addresses, as applicable (claim5).

The subdivision of the available address space into subsets and theassignment of these subsets to AAA servers permits the effort ofcommunicating between the individual servers or computers, asapplicable, to be reduced.

With the method in accordance with the invention for the updating ofinformation in an AAA server system in accordance with the invention, afirst AAA server in the server system sends an updating messageregularly to all the other servers in the AAA server system. Thisupdating message comprises information about changes in the status ofsubsets of the address pool or address pools assigned to the first AAAserver, which have occurred since the previous available update. Theregular sending, for example at fixed intervals of time, of updatingmessages from the AAA server to all the other AAA servers in the AAAserver system enables the issuing of logical addresses by the individualAAA servers in the AAA server system to be coordinated. In this way, thesubsets of the address pool or address pools which are in use can besignaled to all the AAA servers. In addition, information can beexchanged between the AAA servers about the logical address resourceswhich will be required during the coming time interval. This involves anAAA server, before sending its updating message, in estimating thenumber of logical addresses to be issued in the time period between theupdating message which is being sent and the next-following updatingmessage. This can be done by forming the product of the maximum rate atwhich the AAA server can process requests for the issue of a logicaladdress and the time period between the updating message which is beingsent and the next-following updating message (claim 12). The estimatethus obtained provides an upper limit for the number of addresses whichwill be required. From the subsets of the address pool which areassigned to the server, some are selected from which to take the logicaladdresses which will, according to the estimate, be required in the timeperiod. The updating message can then contain information about which ofthe subsets of the address pool, assigned to the AAA server, have beenselected from which to take the logical addresses which, according tothe estimate, will be required in the time period (claim 11). In thisway, subsets of logical addresses can be marked as “uncertain”, i.e. itis possible that logical addresses may be issued from these subsetswithin the next time period. This marking comes into play if individualAAA servers require additional subsets of the address pool in order tosatisfy connection requests. In such a case, the responsibility for orassignment of subsets of the address pool which are not marked as“uncertain” can be changed, and assigned to the AAA server which has ashortage of logical addresses (claim 13). With this method, theindividual AAA servers communicate a mixture of redundant data andblocking information (marked subsets of the address pool, the assignmentof which may not be reallocated). This limits the volume of data whichmust be exchanged between the servers. As a general rule, individualservers will not be able to see which individual addresses have beenissued by other AAA servers. This reduces the status information whichmust be stored on the individual computers—for other AAA servers, statusdetails will be maintained for the subsets (possibly indexed) ratherthan for the individual addresses—and the data transmission rate for theinformation exchange between the servers is reduced.

If an AAA server should fail, the subsets of the address pool which areassigned to this AAA server can be assigned to another AAA server, e.g.in accordance with the stipulations of a priority list (claims 14 and15). The subsets for the AAA server which has failed may if necessaryalso be distributed between several other AAA servers. It is thenlogical that those subsets of logical addresses which were marked as“uncertain” in the last updating message received from the server whichhas failed should for a certain period of time remain unused when makinga new issue of logical addresses (claim 16). This period of time could,for example, correspond to the maximum permitted connection time (claim17). Updating messages can also be used when rebooting AAA servers inthe AAA server system. For example, a rebooted AAA server would send amulticasting message to the other AAA servers, in which it requests thesending of updating messages and the assignment of subsets of theaddress pool (claim 18). In communicating the updating message, theTCP/IP protocol, the RADIUS protocol or the DIAMETER protocol could beused as the transport protocol. As a result of the reduction in thevolume of messages exchanged, it is possible that the individual serversof the server system could be installed at different places, i.e.locally (claim 9).

Further advantageous developments of the subject of this invention arespecified in the other subclaims.

The invention is explained in more detail below in the context of anexemplary embodiment by reference to five figures. These show:

FIG. 1: A scenario for the dynamic assignment of addresses for Internetsessions.

FIG. 2: The subdivision of an address range or address pool into subsetsor subpools respectively.

FIG. 3: The assignment of subsets of logical addresses to RADIUSservers.

FIG. 4: The exchange of updating messages between three RADIUS servers.

FIG. 5: The various steps in a request for an additional subset oflogical addresses.

In the context of the exemplary embodiment it is assumed that one ormore IP address ranges are administered by a RADIUS server system, i.e.a multi-server system which works by means of the RADIUS protocol. TheRADIUS server system consists of several RADIUS servers which are linkedtogether by means of a network. No special software, e.g. clustersoftware, is required. For the sake of simplicity it is assumed that,for the exemplary embodiment, an address pool corresponds to an IPaddress range, and subsets of the address pool to subranges of IPaddresses. A global address range or address pool, as applicable, can beassigned to an Internet Service Provider, or reserved for certainservice classes.

FIG. 1 shows Internet terminal devices Host1, . . . , Host5, via whichthe subscribers can establish a connection to the Internet INT. With thehelp of the IP (Internet Protocol), which runs via the PPP(Point-to-Point Protocol), a connection can be established between theterminal device Host1 . . . Host5 and an access server NAS. Before theaccess server establishes a connection to the Internet INT, a request isprocessed by the RADIUS server system RADSS. The exchange of messagesbetween the access server NAS and the RADIUS server system RADSS iseffected with the help of the Radius protocol RADIUS. The RADIUS serversystem provides a pool IPPool of separate IP addresses @IP1, . . . ,@IPn, which are assigned dynamically to the Internet terminal devicesHost1, . . . , Hostn for the duration of the connection. After theRADIUS server system has received the authorization message, and an IPaddress has been allocated for the duration of the call, the accessserver NAS establishes an Internet connection for the requestingInternet terminal device Host1, . . . , Host5.

FIG. 2 shows an address pool A, consisting of the address range IP 1 toIP N. This address pool A is subdivided into three subsets A1, . . . ,A3, corresponding to the address subranges IP 1 to IP I, IP J to IP Kand IP L to IP N. Each of the RADIUS servers can release IP addressesfrom any desired subset A1, . . . , A3 of IP addresses. On the otherhand, the right to assign IP addresses for connections is exclusive,i.e. each RADIUS server is assigned one or more subsets A1, . . . , A3of addresses, from which it can issue IP addresses. This right to issueIP addresses can be moved around dynamically between the RADIUS servers.FIG. 3 shows three RADIUS servers, RAD1, . . . , RAD3. Each is assigneda subrange of addresses A1, . . . , A3 (indicated by the unbrokenarrows), from which it can assign addresses. All three RADIUS serverscan release used addresses, this being indicated by the dashed arrows.

FIG. 4 shows how the updating of information about the status of otherRADIUS servers is undertaken by an individual RADIUS server. At regularintervals of time, each RADIUS server, RAD1, . . . , RAD3, sends anupdating message to all the other RADIUS servers, RAD1, . . . , RAD3, toinform them of changes relating to the assigned subsets of addresses.This updating message is sent with the help of an IP multicastingmechanism, and relates only to subsets for which there has been a changesince the last updating message. Updating messages are not acknowledged.Duplicated issuing of IP addresses is excluded because, in the worstcase, information about a release will be lost, i.e. details of an IPaddress which has already been used. The release will then take placelater, after the timer for the maximum issue time has expired. Theupdating message contains in addition information about the subsets ofaddresses from which IP addresses will be issued in the following timeinterval. The subsets concerned are those in which IP addresses areavailable which have not yet been issued. As in FIG. 4, the RADIUSserver RAD1 sends updating messages UpdtRAD1 (for: update for RAD1) tothe RADIUS servers RAD2 and RAD3 at the time points S1.1 and S1.2. Atdifferent time points S2.1 and S2.2, and S3.1 and S3.2, respectively,each of the RADIUS servers RAD2 and RAD3 sends updating messagesUpdtRAD2 and UpdtRAD3 respectively to the other RADIUS servers, RAD1 andRAD3 or RAD1 and RAD2 respectively.

The following information relating to the entire or global address poolA is saved on each of the RADIUS servers RAD1, . . . , RAD3:

-   -   An identifier for the global address pool A, for the case when        several global address pools are used, for example for different        service classes.    -   A list of the RADIUS servers RAD1, . . . , RAD3, which can        access the addresses in the global address pool A. This list        contains the IP address of each RADIUS server RAD1, . . . ,        RAD3, an identifier for each RADIUS server RAD1, . . . , RAD3,        the time point for the last update for each RADIUS server RAD1,        . . . , RAD3, and the total number of IP addresses which are        currently free, i.e. unissued.    -   The first IP address of the global address range A.    -   The number of IP addresses which belong in this address range A.    -   The time interval between successive updates.    -   The maximum duration of Internet device connection that is        provided for.    -   A list of the subsets of IP addresses, for example in the form        of pointers, each of which points to the first IP address in the        subrange.    -   Optionally, a list of access servers or port identifiers. This        list contains all the linked NASs in the form of their IP        addresses or their NAS codes and their port numbers.    -   For a global address pool A, a flag can be defined in addition,        which indicates a shortage of IP addresses. This flag will be        set, for example, if the total number of free IP addresses is        less than a threshold, for example the time interval between        updates multiplied by the maximum rate of requests for IP        addresses. The setting of this flag will be cancelled if the        number of free addresses goes above the threshold again.

The following information relating to the subsets of addresses is storedon all the RADIUS servers:

-   -   The identifier of the RADIUS server which is responsible for the        subset of addresses, i.e. the AAA server which can issue IP        addresses from this subset.    -   The first IP address in the subset or subrange of IP addresses.    -   The number of IP addresses in the subset.

The details held on the AAA RADIUS servers, relating to the subsets ofaddresses, will be updated at regular time intervals. Updating will beinitiated by the expiry of a timer, which measures the time intervalbetween two updating messages. The RADIUS server which is sending outthe updating message concerning the status of its subsets of addressesdetermines those addresses from its assigned subsets of addresses whichare free, i.e. unissued, and identifies the subsets which may beconsidered for use during the next time interval. The updating messagethen includes the code of the Radius server which is sending themessage, the total number of free IP addresses for this RADIUS server,the codes or identifiers of the subsets of addresses which may beconsidered for use during the next time interval, i.e. which are markedas “uncertain”, changes in respect of the use of subsets since the lastupdating message and, if appropriate, further status information. Afterthe updating message has been sent, the timer is restarted. A RADIUSserver which receives an updating message will reset a monitoring timerwhich measures how much time has elapsed since the last updatingmessage. By reference to the updating message it has received, theRADIUS server updates the status details for the Radius server whichsent the message.

FIG. 5 shows the exchange of messages about and during the connection ofa subscriber or terminal device, as applicable. To connect an Internetterminal device, an NAS (Network Access Server) uses the Radius protocolRADIUS to direct an authentification request rAUTH to a RADIUS serverRAD1. This authentification request rAUTH contains the code of the NAS,the identifier of the port and the code of the subscriber or terminaldevice. The RADIUS server RAD1 submits a request rLDAP to an LDAP(Lightweight Directory Access Protocol) database, in the course of whichthe code or identity of the subscriber, as applicable, is determined. Inits reply aLDAP, the LDAP database LDAP supplies the code for the subsetof addresses from which the IP address is to be taken. An IP address isthen determined from this subset of IP addresses. After this, the RADIUSserver informs the NAS of the IP address which has been determined, in areply AAUTH to the authentification request. The fact of this newconnection is notified to the other Radius servers RAD2 in the course ofan updating message UpdtRAD1, e.g. in the form of an updated totalnumber for the IP addresses used and, if appropriate, by the appropriatesubset of addresses being re-marked as “uncertain”. In an analogous way,during its connection the Radius server RAD1 receives updating messagesUpdtRAD2 from other Radius servers RAD2. If the connection is to beterminated, the NAS sends an ‘astop’ message to the RADIUS server, toterminate the billing or accounting for the corresponding connection.This message contains the code of the subscriber and the assigned IPaddress. The RADIUS server RAD1 acknowledges this message by an ACKstopacknowledgement message to the NAS, which again contains the code forthe subscriber and the IP address used. After the connection has beenterminated, the other Radius servers RAD2 are supplied with thecorresponding updated status details in the subsequent updating messageUpdtRAD1.

If the RADIUS server does not have available enough subsets of addressesfor the requests by access servers or NASs, as applicable, it canrequest the assignment of further subsets of IP addresses. A query orrequest of this type, as appropriate, is initiated if the RADIUSserver's total number of free IP addresses falls below a threshold whichis given, for example, by the product of the time interval between theupdating messages and the maximum rate at which connection requests canbe processed. In this case, the RADIUS server will set a flag, whichindicates the shortage of IP addresses. By reference to the statusinformation for the other RADIUS servers, the RADIUS server checks whichserver has the greatest number of free IP addresses or the greatestnumber of unmarked or unused subsets of addresses, as applicable. If itis possible to identify a RADIUS server which has availablesubstantially more free addresses than the threshold value for ashortage of IP addresses, the RADIUS server with an address shortagewill send a request for the assignment of a further subset of addresses.When this message is sent, a monitoring timer is set. If a negativereply is received, the RADIUS server with the address shortage sends anappropriate request to other RADIUS servers, according to the volume oftheir free addresses. If it is not possible to identify a RADIUS serverwith free addresses, or if no reply is received from the RADIUS servers,the RADIUS server which has the shortage of addresses will wait at leastfor one updating interval before repeating its request. If all the freeIP addresses are issued over this period, additional authentificationrequests will be rejected by the NAS. On the other hand, if a positivereply is received to the request for a new subset of addresses, thenthis positive reply will be notified to all the other RADIUS servers bymeans of a multicast, and internally all the relevant data will beupdated. This mechanism can also be used for the automaticreconfiguration of a RADIUS server after it is rebooted.

In the case of a failure of a RADIUS server, a hierarchy ofresponsibilities will be prescribed by a list of the codes of the RADIUSservers. After the point when no more updating messages are receivedfrom the RADIUS server which has failed, the RADIUS server at the top ofthe hierarchy, or the next RADIUS server after that, will take over thecontrol or administration of the appropriate IP address ranges. In thisprocess, the following steps are executed in the RADIUS server whichtakes over the administration of the subsets of addresses:

The take-over of the addresses is initiated by the expiry of themonitoring timer. After this, a request is sent to the RADIUS serverwhich has failed for an updating message. If no reply is received tothis, a multicast message is used to inform all the other RADIUS serversthat the RADIUS server which is sending the multicast message is takingover the administration and assignment of the subsets of addressesbelonging to the RADIUS server which has failed. The subsets ofaddresses belonging to the RADIUS server which is taking over isextended by the subsets which have been taken over. In doing this, thosesubsets which are marked as “uncertain” will be blocked, and a timerwill be started for this blocking. This timer measures the maximum timefor which an IP address may be assigned to a connection. On expiry ofthe timer, the block will be removed from the subsets of addresses. Now,all the IP address resources are once more available, and the failure ofthe RADIUS server is completely compensated.

1. Method for updating information in an AAA server system, whereby anupdating message (UpdtRAD1, UpdtRAD2, UpdtRAD3) is sent regularly by afirst AAA server (RAD1, RAD2, RAD3) of the AAA server system (RADSS) toall the other AAA servers (RAD1, RAD2, RAD3) of the AAA server system(RADSS), this updating message (UpdtRAD1, UpdtRAD2, UpdtRAD3)incorporates information about changes to the status of the subsets (A1,A2, A3) of the address pool (A) which are assigned to the first AAAserver (RAD1, RAD2, RAD3), which have taken place since the previousupdating message (UpdtRAD1, UpdtRAD2, UpdtRAD3) before the updatingmessage (UpdtRAD1, UpdtRAD2, UpdtRAD3) is sent, an estimate is made inthe first AAA server (RAD1, RAD2, RAD3) of the logical addresses whichwill be issued in the time period between the updating message which isabout to be sent (UpdtRAD1, UpdtRAD2, UpdtRAD3) and the next-followingupdating message (UpdtRAD1, UpdtRAD2, UpdtRAD3), subsets (A1, A2, A3) ofthe address pool (A), which are assigned to the first AAA server (RAD1,RAD2, RAD3), are selected from which to take the logical addresseswhich, according to the estimate, will be required in the time period,and the updating message (UpdtRAD1, UpdtRAD2, UpdtRAD3) also containsinformation about which of the subsets (A1, A2, A3) of the address pool(A), which are assigned to the first AAA server (RAD1, RAD2, RAD3), havebeen selected from which to take the logical addresses which, accordingto the estimate, will be required in the time period.
 2. Method inaccordance with claim 1, characterized in that the estimate is made byforming the product of the maximum rate at which the AAA server (RAD1,RAD2, RAD3) can process requests for the issue of a logical address andthe time period between the updating message (UpdtRAD1, UpdtRAD2,UpdtRAD3) which is about to be sent and the next-following updatingmessage (UpdtRAD1, UpdtRAD2, UpdtRAD3).
 3. Method in accordance with oneof the claims 1 or 2, characterized in that the first AAA server (RAD1,RAD2, RAD3) checks whether the subsets (A1, A2, A3) of the address pool(A) which will be required according to the estimate are available, andif the result of the check by the first AAA server (RAD1, RAD2, RAD3) isnegative, the assignment of a subset from another AAA server (RAD1,RAD2, RAD3) to the first AAA server (RAD1, RAD2, RAD3) is effected. 4.Method in accordance with one of the claims 1 or 2, characterized inthat in the event of the failure of the first AAA server (RAD1, RAD2,RAD3), the subsets (A1, A2, A3) of the address pool (A) which areassigned to the first AAA server (RAD1, RAD2, RAD3) are assigned to asecond AAA server (RAD1, RAD2, RAD3).
 5. Method in accordance with claim4, characterized in that the second AAA server (RAD1, RAD2, RAD3) isselected in accordance with the stipulations of a priority list of AAAservers (RAD1, RAD2, RAD3).
 6. Method in accordance with claim 1 and oneof the claims 4 or 5, characterized in that if a first AAA server (RAD1,RAD2, RAD3) fails the subsets (A1, A2, A3) of the address pool (A),which according to the last updating message received by the second AAAserver (RAD1, RAD2, RAD3) from the first AAA server (RAD1, RAD2, RAD3)have been selected from which to take the logical addresses whichaccording to the estimate will be required in the time period, will notbe used for the reissuing of logical addresses (IP1, . . . , IPN) for aperiod of time.
 7. Method in accordance with claim 6, characterized inthat the time period will be determined in accordance with thestipulations for the maximum permissible connection time.
 8. Method inaccordance with one of the preceding claims, characterized in that asecond AAA server (RAD1, RAD2, RAD3) is rebooted, and the second AAAserver (RAD1, RAD2, RAD3) transmits a multicast message to all the otherAAA servers (RAD1, RAD2, RAD3) of the AAA server system (RADSS), bywhich it requests the dispatch of updating messages (UpdtRAD1, UpdtRAD2,UpdtRAD3) and the assignment of subsets (A1, A2, A3) of the address pool(A) to the first AAA server (RAD1, RAD2, RAD3).
 9. Method in accordancewith one of the preceding claims, characterized in that the TCP/IPprotocol, the RADIUS protocol or the DIAMETER protocol is used as thetransport protocol for the communication of updating messages (UpdtRAD1,UpdtRAD2, UpdtRAD3).